Cloudflare Kyber the first quantum encryption for sites
We have mentioned many times that current encryption techniques will be very easily broken in the future by quantum computers.
To prepare for this, Cloudflare is launching a post-quantum experiment in which website owners can sign up to add support for two hybrid post-quantum encryption keys: X25519Kyber512Draft00 and X25519Kyber768Draft00.
These keys will work alongside existing encryption schemes to ensure compatibility.
Currently, adding these primary keys to your site won’t do much because no browser supports them yet. For now, browsers will fall back to existing encryption schemes, which are not quantum-resistant.
But Cloudflare said the internet will move to quantum cryptography in the coming years, and it hopes this beta version will give its customers a head start.
The post-quantum cryptography Cloudflare uses is called Kyber. Last month, the US National Institute of Standards and Technology (NIST from the National Institute of Standards and Technology) decided to standardize Kyber, and the final specifications will come in 2024. By starting this test, Cloudflare hopes to lead in the adoption of post-quantum cryptography.
In terms of features, Kyber does not need as much computing power as existing schemes, but it has larger keys and uses more RAM. Cloudflare believes that if Kyber is used alone, connections to websites could be faster. But in this test, a hybrid model is used, so connections will be a bit slower.
If you want to try it on one of your domains, read Cloudflare’s detailed steps to set it up.
Warning : The new Kyber encryption will receive changes that will be incompatible with the older encryption in the coming months, and Cloudflare’s application will change to be compatible with early adopters. Additionally, if the community identifies issues, then additional solutions will be added to Cloudflare’s application. Due to the rapid pace of change, Cloudflare cannot guarantee long-term stability or ongoing support.
If you liked this content follow me on medium ;)
Originally posted at:
